Blog Archives

02: HTTP basics on headers, MIME types, & cookies for Java developers

Q1. What happens when you open up a browser and type a URL to request a Web page or RESTFul web service data? A1. HTTP is a stateless protocol on top of TCP (Transmission Control Protocol). 1) When the IP address is obtained, the browser will attempt to open a…

Read more ...

Chrome Postman to test and debug RESTful Web Services

Step 1 You need to get the Postman extension for the Google chrome browser.

Step 2 Search and add POSTMAN.

Step 3 Once installed, open it from the Apps link.


Step 4 Set the TEST URL, HTTP headers (especially the content type application/json, etc), and HTTP method (GET, POST, PUT, etc) and then click on send.



for the completeness, the REST service could have been implemented using Spring MVC, and the controller implementation looking like

Read more ...

Debugging connection refused issues in Java with 9 tips

Possible reasons for “refused connections” 1) Client & Server are not connected by the LAN. For example, they can be in the different zones. 2) The Server might not be running. 3) The server might be listening on a different port or the server might have not started properly as…

Read more ...

Debugging Certificates do not conform to algorithm constraints

Why? You may have a certificate with SHA1RSA key size less than 1024 bits or you have a certificate in your chain that uses MD2RSA.

Explanation? MD2 was widely recognized as insecure and thus disabled in Java in version JDK 7 onwards. If you check the “” file under “$JAVA_HOME/jre/lib/security”, you will see a line as shown below. This means disable MD2 for all and RSA for certs with key size less than 1024 bits.

So, if you have a cert that is less than 1024 bits, you can this error.

How to find the certificate key size?

Step 1: Download the certificate via the browser (e.g. Google Chrome) by hitting the URL, clicking on the lock symbol to save the cert as say myapp.cer.

Step 2: Use the OpenSSL tool to find the size of the key.

This will print the cert details and the key size.

Read more ...

Debugging SSL issues in Java & tools to debug

Q1. What are some of the issues you encounter with SSL handshake?
A1. Some of the issues you try to debug are

  • Presence of a valid certificate in trust store
  • Incorrect certificate chains in the client or server truststore
  • Invalid key algorithm used for private keys
  • Expired certificate
  • Incorrect passwords used to access the keys
  • Multiple private keys to choose from

Q2. How does your SSL client look for the right certificate in a truststore?
A2. The client needs to have the truststore configured in any one of following ways and appropriate certificate imported into it.

Option 1: Specify it for a specific SSL connection via configuration files. For example, cxf.xml may look like

Example 1:

Read more ...

500+ Enterprise & Core Java programmer & architect Q&As

Java & Big Data Tutorials